6.8

CVSS3.1

CVE-2025-32726 - Visual Studio Code Elevation of Privilege Vulnerability

Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.

📅 Published: April 12, 2025, 1:32 a.m. 🔄 Last Modified: Feb. 26, 2026, 6:28 p.m.

7.3

CVSS3.1

CVE-2025-29803 - Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulner…

Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally.

📅 Published: April 12, 2025, 1:32 a.m. 🔄 Last Modified: Feb. 13, 2026, 7:33 p.m.

6.1

CVSS3.1

CVE-2025-2269 - Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.34 Reflected Cross-Site Scripting via…

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘image_id’ parameter in all versions up to, and including, 1.8.34 due to insufficient input sanitization and output escaping. This makes it possible for unauthenti…

📅 Published: April 11, 2025, 11:21 p.m. 🔄 Last Modified: April 8, 2026, 5:24 p.m.

9.3

CVSS4.0

CVE-2025-0129 - Prisma Access Browser: Inappropriate control behavior in Prisma Access Browser

An improper exception check in Palo Alto Networks Prisma Access Browser allows a low privileged user to prevent Prisma Access Browser from applying it's Policy Rules. This enables the user to use Prisma Access Browser without any restrictions.

📅 Published: April 11, 2025, 10:25 p.m. 🔄 Last Modified: June 13, 2025, 9:15 p.m.

6.7

CVSS4.0

CVE-2024-11679 -

An input validation weakness was reported in the TpmSetup module for some legacy System x server products that could allow a local attacker with elevated privileges to read the contents of memory.

📅 Published: April 11, 2025, 6:21 p.m. 🔄 Last Modified: April 15, 2025, 6:39 p.m.

0

CVSS4.0

CVE-2025-0123 - PAN-OS: Information Disclosure Vulnerability in HTTP/2 Packet Captures

A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/take-packet-captures/take-a-custom-packet-capture in decrypted HTTP/…

📅 Published: April 11, 2025, 5:43 p.m. 🔄 Last Modified: April 15, 2025, 6:39 p.m.

6.3

CVSS4.0

CVE-2025-0119 - Cortex XDR Broker VM: Authenticated Command Injection Vulnerability in Broker VM

A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system running Broker VM.

📅 Published: April 11, 2025, 5:37 p.m. 🔄 Last Modified: April 15, 2025, 6:39 p.m.

6.9

CVSS4.0

CVE-2025-32077 - XSSes in Extension:SimpleCalendar

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Extension:SimpleCalendar allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Extension:SimpleCalendar: from 1.39 through 1.43.

📅 Published: April 11, 2025, 4:25 p.m. 🔄 Last Modified: April 15, 2025, 6:39 p.m.

6.9

CVSS4.0

CVE-2025-32078 - XSSes and potential RCE in Special:VersionCompare

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Version Compare Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Version Compare Extension: from 1.39 through 1.43.

📅 Published: April 11, 2025, 4:24 p.m. 🔄 Last Modified: April 15, 2025, 6:39 p.m.

6.5

CVSS3.1

CVE-2025-32079 - Saving the right content to MediaWiki:GrowthMentors.json can take down the site

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments allows HTTP DoS.This issue affects Mediawiki - GrowthExperiments: from 1.39 through 1.43.

📅 Published: April 11, 2025, 4:24 p.m. 🔄 Last Modified: July 7, 2025, 3:15 p.m.
Total resulsts: 343968
Page 5380 of 34,397
« previous page » next page
Filters